Trusted applet - without signing ?

The Whizlabs SCEA simulator says "In JDK 1.1, only signed applets were trusted whereas in JDK 1.2, any applet with the right security permissions can be trusted." Is this correct ? How can this be implemented without signing?